package wangxiaotao.shiro.realms;


import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import wangxiaotao.entity.Role;
import wangxiaotao.service.AdminService;
import wangxiaotao.shiro.token.CustomToken;
import wangxiaotao.utils.JWTUtils;

import java.util.List;
import java.util.stream.Collectors;

/**
 * 自定义realm
 */
@Slf4j
public class CustomRealm extends AuthorizingRealm {
    @Autowired
    private AdminService adminService;

    @Override//在自定义realm中复写supports方法，使之能识别自定义token
    public boolean supports(AuthenticationToken token) {
        return token instanceof CustomToken;
    }

    /**
     * 授权  授权已经在登录的时候写入了 这里不需要再写入
     * @param principalCollection
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        log.debug("------------>CustomRealm doGetAuthorizationInfo授权");
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        //获取用户id
        String id = JWTUtils.getClaimByName((String) principalCollection.getPrimaryPrincipal(), "id");
        //角色设置
        List<Role> roleList = adminService.queryRolesByUserId(Integer.parseInt(id));
        if (!roleList.isEmpty()){
            //角色名称过滤
            List<String> roleNames = roleList.stream().map(Role::getRoleName).collect(Collectors.toList());
            //角色id过滤
            List<Integer> roleIds = roleList.stream().map(Role::getRoleId).collect(Collectors.toList());
            //根据角色id查询角色权限
            List<String> permissions = adminService.queryAllResourceMarkByUserId(roleIds);
            //向登录用户中添加角色
            info.addRoles(roleNames);
            //添加权限
            info.addStringPermissions(permissions);
        }
        return info;
    }

    /**
     * 认证 这里已经在service认证过了 直接传入即可
     * @param
     * @return AuthenticationInfo
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        log.debug("------------>CustomRealm doGetAuthenticationInfo认证");
        return new SimpleAuthenticationInfo(token.getPrincipal(),token.getCredentials(),getName());
    }

    /**
     * 重写方法，清除当前用户的 认证缓存
     * @param principals
     */
    @Override
    public void clearCachedAuthenticationInfo(PrincipalCollection principals) {
        super.clearCachedAuthenticationInfo(principals);
    }

    /**
     * 相当于调用上一个方法 clearCachedAuthenticationInfo
     * @param principals
     */
    @Override
    public void clearCache(PrincipalCollection principals) {
        super.clearCache(principals);
    }

    /**
     * 自定义方法：清除所有 授权缓存
     */
    public void clearAllCachedAuthorizationInfo() {
        getAuthorizationCache().clear();
    }

    /**
     * 自定义方法：清除所有 认证缓存
     */
    public void clearAllCachedAuthenticationInfo() {
        getAuthenticationCache().clear();
    }

    /**
     * 自定义方法：清除所有的  认证缓存  和 授权缓存
     */
    public void clearAllCache() {
        clearAllCachedAuthenticationInfo();
        clearAllCachedAuthorizationInfo();
    }
}
